Thwarting inside jamming attacks on wireless broadcast communications

We address the problem of jamming-resistant broadcast com-munications under an internal threat model. We propose a time-delayed broadcast scheme (TDBS), which implements the broadcast operation as a series of unicast transmissions, distributed in frequency and time. TDBS does not rely on commonly shared secrets, or the existence of jamming-immune control channels for coordinating broadcasts. In-stead, each node follows a unique pseudo-noise (PN) fre-quency hopping sequence. Contrary to conventional PN se-quences designed for multi-access systems, our sequences ex-hibit high correlation to enable broadcast. Moreover, their design limits the information leakage due to the exposure of a subset of sequences by compromised nodes. We map the problem of constructing such PN sequences to the 1-factorization problem for complete graphs. Our evaluation results show that TDBS can maintain broadcast communi-cations in the presence of inside jammers

A Survey on the Communication Protocols and Security in Cognitive Radio Networks

A cognitive radio (CR) is a radio that can change its transmission parameters based on the perceived availability of the spectrum bands in its operating environment. CRs support dynamic spectrum access and can facilitate a secondary unlicensed user to efficiently utilize the available underutilized spectrum allocated to the primary licensed users. A cognitive radio network (CRN) is composed of both the secondary users with CR-enabled radios and the primary users whose radios need not be CR-enabled. Most of the active research conducted in the area of CRNs has been so far focused on spectrum sensing, allocation and sharing. There is no comprehensive review paper available on the strategies for medium access control (MAC), routing and transport layer protocols, and the appropriate representative solutions for CRNs. In this paper, we provide an exhaustive analysis of the various techniques/mechanisms that have been proposed in the literature for communication protocols (at the MAC, routing and transport layers), in the context of a CRN, as well as discuss in detail several security attacks that could be launched on CRNs and the countermeasure solutions that have been proposed to avoid or mitigate them. This paper would serve as a good comprehensive review and analysis of the strategies for MAC, routing and transport protocols and security issues for CRNs as well as would lay a strong foundation for someone to further delve onto any particular aspect in greater depth

Survey in Smart Grid and Smart Home Security: Issues, Challenges and Countermeasures

The electricity industry is now at the verge of a new era. An era that promises, through the evolution of the existing electrical grids to Smart Grids, more efficient and effective power management, better reliability, reduced production costs and more environmentally friendly energy generation. Numerous initiatives across the globe, led by both industry and academia, reflect the mounting interest around the enormous benefits but also the great risks introduced by this evolution. This paper focuses on issues related to the security of the Smart Grid and the Smart Home, which we present as an integral part of the Smart Grid. Based on several scenarios we aim to present some of the most representative threats to the Smart Home / Smart Grid environment. The threats detected are categorized according to specific security goals set for the Smart Home/Smart Grid environment and their impact on the overall system security is evaluated. A review of contemporary literature is then conducted with the aim of presenting promising security countermeasures with respect to the identified specific security goals for each presented scenario. An effort to shed light on open issues and future research directions concludes the paper

Collaborative, Intelligent, and Adaptive Systems for the Low-Power Internet of Things

With the emergence of the Internet of Things (IoT), more and more devices are getting equipped with communication capabilities, often via wireless radios. Their deployments pave the way for new and mission-critical applications: cars will communicate with nearby vehicles to coordinate at intersections; industrial wireless closed-loop systems will improve operational safety in factories; while swarms of drones will coordinate to plan collision-free trajectories. To achieve these goals, IoT devices will need to communicate, coordinate, and collaborate over the wireless medium. However, these envisioned applications necessitate new characteristics that current solutions and protocols cannot fulfill: IoT devices require consistency guarantees from their communication and demand for adaptive behavior in complex and dynamic environments.In this thesis, we design, implement, and evaluate systems and mechanisms to enable safe coordination and adaptivity for the smallest IoT devices. To ensure consistent coordination, we bring fault-tolerant consensus to low-power wireless communication and introduce Wireless Paxos, a flavor of the Paxos algorithm specifically tailored to low-power IoT. We then present STARC, a wireless coordination mechanism for intersection management combining commit semantics with synchronous transmissions. To enable adaptivity in the wireless networking stack, we introduce Dimmer and eAFH. Dimmer combines Reinforcement Learning and Multi-Armed Bandits to adapt its communication parameters and counteract the adverse effects of wireless interference at runtime while optimizing energy consumption in normal conditions. eAFH provides dynamic channel management in Bluetooth Low Energy by excluding and dynamically re-including channels in scenarios with mobility. Finally, we demonstrate with BlueSeer that a device can classify its environment, i.e., recognize whether it is located in a home, office, street, or transport, solely from received Bluetooth Low Energy signals fed into an embedded machine learning model. BlueSeer therefore increases the intelligence of the smallest IoT devices, allowing them to adapt their behaviors to their current surroundings

Adaptive Frequency Hopping Algorithms for Multicast Rendezvous in DSA Networks

Abstract-Establishing communications in a dynamic spectrum access (DSA) network requires communicating nodes to "rendezvous" before transmitting their data packets. Frequency hopping (FH) provides an effective method for rendezvousing without relying on a predetermined control channel. FH rendezvous protocols have mainly targeted pairwise rendezvous, using fixed (non-adaptive) FH sequences and assuming a homogeneous spectrum environment, i.e., all nodes perceive the same spectrum opportunities. In this paper, we address these limitations by developing three multicast rendezvous algorithms: AMQFH, CMQFH, and nested-CMQFH. The three algorithms are intended for asynchronous spectrum-heterogeneous DSA networks. They provide different tradeoffs between speed and robustness to node compromise. We use the uniform k-arbiter and the Chinese remainder theorem (CRT) quorum systems to design our multicast rendezvous algorithms. We also design two "optimal" channel ordering mechanisms for channel sensing and assignment, one for AMQFH and the other for CMQFH and nested-CMQFH. Finally, we develop a proactive out-of-band sensing based dynamic FH (DFH) algorithm for online adaptation of the FH sequences used in the proposed rendezvous algorithms. Extensive simulations are used to evaluate our algorithms

Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table

Resource-Efficient Communication in the Presence of Adversaries

This dissertation presents algorithms for achieving communication in the presence of adversarial attacks in large, decentralized, resource-constrained networks. We consider abstract single-hop communication settings where a set of senders wishes to directly communicate with a set of receivers . These results are then extended to provide resource-efficient, multi-hop communication in wireless sensor networks (WSNs), where energy is critically scarce, and peer-to-peer (P2P) networks, where bandwidth and computational power are limited. Our algorithms are provably correct in the face of attacks by a computationally bounded adversary who seeks to disrupt communication between correct participants. The first major result in this dissertation addresses a general scenario involving single-hop communication in a time-slotted network where a single sender in wishes to transmit a message to a single receiver in . The two players share a communication channel; however, there exists an adversary who aims to prevent the transmission of by periodically blocking this channel. There are costs to send, receive or block on the channel, and we ask: How much do the two players need to spend relative to the adversary in order to guarantee transmission of the message? This problem abstracts many types of conflict in information networks, and the associated costs represent an expenditure of network resources. We show that it is significantly more costly for the adversary to block than for the two players to achieve communication. Specifically, if the cost to send, receive and block in a slot are fixed constants, and the adversary spends a total of slots to try to block the message, then both the sender and receiver must be active in only O(ᵠ⁻¹ + 1) slots in expectation to transmit , where φ = (1+ √5)/2 is the golden ratio. Surprisingly, this result holds even if (1) the value of is unknown to either player; (2) the adversary knows the algorithms of both players, but not their random bits; and (3) the adversary is able to launch attacks using total knowledge of past actions of both players. Finally, these results are applied to two concrete problems. First, we consider jamming attacks in WSNs and address the fundamental task of propagating from a single device to all others in a WSN in the presence of faults; this is the problem of reliable broadcast. Second, we examine how our algorithms can mitigate application-level distributed denial-of-service attacks in wired client-server scenarios. The second major result deals with a single-hop communication problem where now consists of multiple senders and there is still a single receiver who wishes to obtain a message . However, many of the senders (strictly less than half) can be faulty, failing to send or sending incorrect messages. While the majority of the senders possess , rather than listening to all of and majority filtering on the received data, we desire an algorithm that allows the single receiver to decide on in a more efficient manner. To investigate this scenario, we define and devise algorithms for a new data streaming problem called the Bad Santa problem which models the selection dilemma faced by the receiver. With our results for the Bad Santa problem, we consider the problem of energy-efficient reliable broadcast. All previous results on reliable broadcast require devices to spend significant time in the energy-expensive receiving state which is a critical problem in WSNs where devices are typically battery powered. In a popular WSN model, we give a reliable broadcast protocol that achieves optimal fault tolerance (i.e., tolerates the maximum number of faults in this WSN model) and improves over previous results by achieving an expected quadratic decrease in the cost to each device. For the case where the number of faults is within a (1-∊)-factor of the optimal fault tolerance, for any constant ∊>0, we give a reliable broadcast protocol that improves further by achieving an expected (roughly) exponential decrease in the cost to each device. The third and final major result of this dissertation addresses single-hop communication where and both consist of multiple peers that need to communicate in an attack-resistant P2P network. There are several analytical results on P2P networks that can tolerate an adversary who controls a large number of peers and uses them to disrupt network functionality. Unfortunately, in such systems, operations such as data retrieval and message sending incur significant communication costs. Here, we employ cryptographic techniques to define two protocols both of which are more efficient than existing solutions. For a network of peers, our first protocol is deterministic with O(log²) message complexity and our second protocol is randomized with expected O(log ) message complexity; both improve over all previous results. The hidden constants and setup costs for our protocols are small and no trusted third party is required. Finally, we present an analysis showing that our protocols are practical for deployment under significant churn and adversarial behaviour

Group Key Management in Wireless Ad-Hoc and Sensor Networks

A growing number of secure group applications in both civilian and military domains is being deployed in WAHNs. A Wireless Ad-hoc Network (WARN) is a collection of autonomous nodes or terminals that communicate with each other by forming a multi-hop radio network and maintaining connectivity in a decentralized manner. A Mobile Ad-hoc Network (MANET) is a special type of WARN with mobile users. MANET nodes have limited communication, computational capabilities, and power. Wireless Sensor Networks (WSNs) are sensor networks with massive numbers of small, inexpensive devices pervasive throughout electrical and mechanical systems and ubiquitous throughout the environment that monitor and control most aspects of our physical world. In a WAHNs and WSNs with un-trusted nodes, nodes may falsify information, collude to disclose system keys, or even passively refuse to collaborate. Moreover, mobile adversaries might invade more than one node and try to reveal all system secret keys. Due to these special characteristics, key management is essential in securing such networks. Current protocols for secure group communications used in fixed networks tend to be inappropriate. The main objective of this research is to propose, design and evaluate a suitable key management approach for secure group communications to support WAHNs and WSNs applications. Key management is usually divided into key analysis, key assignment, key generation and key distribution. In this thesis, we tried to introduce key management schemes to provide secure group communications in both WAHNs and WSNs. Starting with WAHNs, we developed a key management scheme. A novel architecture for secure group communications was proposed. Our proposed scheme handles key distribution through Combinatorial Key Distribution Scheme (CKDS). We followed with key generation using Threshold-based Key Generation in WAHNs (TKGS). For key assignment, we proposed Combinatorial Key Assignment Scheme (CKAS), which assigns closer key strings to co-located nodes. We claim that our architecture can readily be populated with components to support objectives such as fault tolerance, full-distribution and scalability to mitigate WAHNs constraints. In our architecture, group management is integrated with multicast at the application layer. For key management in WSNs, we started with DCK, a modified scheme suitable for WSNs. In summary, the DCK achieves the following: (1) cluster leader nodes carry the major part of the key management overhead; (2) DCK consumes less than 50% of the energy consumed by SHELL in key management; (3) localizing key refreshment and handling node capture enhances the security by minimizing the amount of information known by each node about other portions of the network; and (4) since DCK does not involve the use of other clusters to maintain local cluster data, it scales better from a storage point of view with the network size represented by the number of clusters. We went further and proposed the use of key polynomials with DCK to enhance the resilience of multiple node capturing. Comparing our schemes to static and dynamic key management, our scheme was found to enhance network resilience at a smaller polynomial degree t and accordingly with less storage per node

Cognitive radio adaptive rendezvous protocols to establish network services for a disaster response

Disasters are catastrophic events that cause great damage or loss of life. In disasters, communication services might be disrupted due to damage to the existing network infrastructure. Temporary systems are required for victims and first responders, but installing them requires information about the radio environment and available spectrum. A cognitive radio (CR) can be used to provide a flexible and rapidly deployable temporary system due to its sensing, learning and decision-making capabilities. This thesis initially examines the potential of CR technology for disaster response networks (DRN) and shows that they are ideally suited to fulfill the requirements of a DRN. A software defined radio based prototype for multiple base transceiver stations based cellular network is proposed and developed. It is demonstrated that system can support a large number of simultaneous calls with sufficient call quality, but only when the background interference is low. It is concluded that to provide call quality with acceptable latency and packet losses, the spectrum should be used dynamically for backhaul connectivity. The deployment challenges for such a system in a disaster include the discovery of the available spectrum, existing networks, and neighbours. Furthermore, to set up a network and to establish network services, initially CR nodes are required to establish a rendezvous. However, this can be challenging due to unknown spectrum information, primary radio (PR) activity, nodes, and topology. The existing rendezvous strategies do not fulfill the DRN requirements and their time to rendezvous (TTR) is long. Therefore, we propose an extended modular clock algorithm (EMCA) which is a multiuser blind rendezvous protocol, considers the DRN requirements and has short TTR. For unknown nodes and topologies, a general framework for self-organizing multihop cooperative fully blind rendezvous protocol is also proposed, which works in different phases, can terminate when sufficient nodes are discovered, and is capable of disseminating the information of nodes which enter or leave a network. A synchronization mechanism is presented for periodic update of rendezvous information. An information exchange mechanism is also proposed which expedites the rendezvous process. In both single and multihop networks, EMCA provides up to 80% improvement in terms of TTR over the existing blind rendezvous strategies while considering the PR activity. A simple Random strategy, while being poorer than EMCA, is also shown to outperform existing strategies on average. To achieve adaptability in the presence of unknown PR activity, different CR operating policies are proposed which avoid the channels detected with PR activity to reduce the harmful interference, provide free channels to reduce the TTR, and can work with any rendezvous strategy. These policies are evaluated over different PR activities and shown to reduce the TTR and harmful interference significantly over the basic Listen before Talk approach. A proactive policy, which prefers to return to channels with recent lower PR activity, is shown to be best, and to improve the performance of all studied rendezvous strategies